Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
References
Configurations
History
13 Feb 2023, 02:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow. |
02 Feb 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2007-2754 freetype integer overflow | |
References |
|
Information
Published : 2007-05-17 22:30
Updated : 2023-12-10 10:40
NVD link : CVE-2007-2754
Mitre link : CVE-2007-2754
CVE.ORG link : CVE-2007-2754
JSON object : View
Products Affected
freetype
- freetype
CWE